THREAT

AWARENESS

PROTECTIVE will develop a “Knowledge Exchange” to facilitate the sharing of threat intelligence (TI) and will apply this to the NREN domain to significantly improve the degree of TI sharing. It will develop novel approaches to assessing data quality trust in order to improve acceptance and usage of TI.

CONTEXT

AWARENESS

PROTECTIVE will develop tools to allow both internal and external CSIRTs to model their mission and constituency (i.e. assets) and to link these together to indicate the criticality of assets to the organisation.

RISK

AWARENESS

PROTECTIVE will apply several novel techniques to the development of security alert prioritisation. The prioritisation framework algorithms will utilize several different alert attributes, including context awareness, to determine the ranking of the alerts.

IMPLEMENTATION

FRAMEWORK

PROTECTIVE will develop a novel requirements modelling approach to capture the CSIRT security operations work-flow in order to understand their concepts and processes and hence develop an optimised workflow for the implementation of the PROTECTIVE solution.

PROTECTIVE

Aims to provide security teams, with a greater cyber defence capability through improved cyber situational awareness (CSA). This will simultaneously raise their level of awareness of the risk to their business posed by cyber-attacks as well as enhancing their capacity to respond to threats.